Information Sharing Feed Sources
The information-sharing feed sources include ISACs and other authorities such as CERT. The information-sharing sources are subscription-based feed sources that come directly from your communities of interest. Intel Exchange collaborates with a set of ISACs and other authorities such as CERT, that you can configure on the application and use to poll threat data intel.
Configure Information Sharing Feed Source
Configure an information-sharing feed source to receive threat intel in real-time.
Before you Start
Ensure that you have the View Feed Source, Create Feed Source, and Update Feed Source permissions.
You must subscribe to any of the ISAC feeds listed in the Intel Exchange. Once subscribed, you can enable the feed by entering your username, password, and confidence score.
Steps
To configure an information-sharing feed source, follow these steps:
Go to Administration > Integrations Management > FEED SOURCES > Information Sharing.
Select a feed in All, ISAC, or Other Authorities and click the ellipsis.
Click Edit, and enter the following details:
Username: Enter the username provided by the source organization for authentication.
Password: Enter the password provided by the source organization for authentication.
Confidence: Enter a confidence score ranging between 0 and 100 based on your reliability of the source.
Custom Scores: Enter the default values for the custom scores you have configured in Administration > Configuration > Custom Scores.
Click Update and enable the toggle switch to receive feeds from the source.
You can receive threat intel from an information-sharing feed source and view it in Threat Data.
The following table lists the information-sharing feed sources supported in Intel Exchange:
Category | Source Name | Description | Discovery URL | STIX Version |
|---|---|---|---|---|
ISAC Feeds | MS-ISAC (CIS) | The MS-ISAC is federally funded by CISA and a division of the Center for Internet Security (CIS). The MS-ISAC is autonomously guided by its Executive Committee and member organizations.The Center for Internet Security is a 501 nonprofit organization, formed in October, 2000. Its mission is to make the connected world a safer place by developing, validating, and promoting timely best practice solutions that help people, businesses, and governments protect themselves against pervasive cyber threats | https://cyware.cisecurity.org/ctixapi/ctix21/taxii2/ | 2.1 |
ND-ISAC | The National Defense Information Sharing and Analysis Center (ND-ISAC) serves as a trusted hub for cybersecurity information sharing, collaboration, and coordination among its members within the defense industrial base (DIB) sector. ND-ISAC provides threat intelligence, analysis, and best practices to help its members enhance their cybersecurity posture and protect critical infrastructure and sensitive information from cyber threats. | https://nd-isac.cyware.com/ctixapi/ctix21/taxii2/ | 2.1 | |
NRECA-TAC | The National Rural Electric Cooperative Association Threat Analysis Center (NRECA-TAC) facilitates the exchange of cybersecurity threat intelligence, best practices, and resources among its members to enhance the cybersecurity posture of rural electric cooperatives and protect critical infrastructure. By pooling resources and expertise, NRECA-TAC helps its members to stay informed about emerging threats and mitigate cybersecurity risks more effectively. | https://nreca-tac.uscyware.com/ctixapi/ctix21/taxii2/ | 2.1 | |
E-ISAC | The Electricity Information Sharing and Analysis Center (E-ISAC) gathers and analyzes security data, shares appropriate data with stakeholders, coordinates incident management, and communicates mitigation strategies with stakeholders. The E-ISAC, in collaboration with the Department of Energy (DOE) and the Electricity Subsector Coordinating Council (ESCC), serves as the primary security communications channel for the electric industry and enhances industry's ability to prepare for and respond to cyber and physical threats, vulnerabilities, and incidents. | https://e-isac.cyware.com/ctixapi/ctix21/taxii2/ | 2.1 | |
Space ISAC | The Space ISAC serves to facilitate collaboration across the global space industry to enhance our ability to prepare for and respond to vulnerabilities, incidents, and threats; to disseminate timely and actionable information among member entities; and to serve as the primary communications channel for the sector with respect to this information. Space ISAC is the only all-threat security information source for the public and private space sector. It will be the most comprehensive, single-point source for data, facts, and analysis on space security and threats to space assets. Space ISAC will also provide analysis and resources to support response, mitigation, and resilience initiatives. | https://s-isac.cyware.com/ctixapi/ctix21/taxii2/ | 2.1 | |
Auto-ISAC | Automative-ISAC is an industry-driven community to share and analyze intelligence about emerging cybersecurity risks to the vehicle and to collectively enhance vehicle cybersecurity capabilities across the global automotive industry, including light- and heavy-duty vehicle OEMs, suppliers, and the commercial vehicle sector. | https://auto-isac.cyware.com/ctixapi/ctix21/taxii2/ | 2.1 | |
ME-ISAC | ME-ISAC provides products, platforms, and means for companies to work together on shared problems. It provides Sector-specific intelligence on critical risks, threats, and vulnerabilities provided through robust alerts, assessments, and intelligence products. | https://meisac.cyware.com/ctixapi/ctix21/taxii2/ | 2.1 | |
H-ISAC | The Health Information Sharing and Analysis Center (H-ISAC) association is a global, private sector, non-profit organization that provides a trusted community for the sharing of timely, relevant, and actionable physical and cyber information among stakeholders to ensure the resilience and maintain the continuity of the health sector against cyber and physical threats, incidents, vulnerabilities, and risks. Members include direct patient care providers, health information technology companies, health plan payers, medical device manufacturers, and laboratory, blood, and pharmaceutical organizations. | https://health-isac.cyware.com/ctixapi/ctix21/taxii2/ | 2.1 | |
DNG-ISAC | The Downstream Natural Gas Information Sharing and Analysis Center (DNG-ISAC) association serves natural gas utility (distribution) companies by facilitating communications between participants, the federal government, and other critical infrastructures. Specifically, the DNG-ISAC coordinates very closely with the Electricity ISAC and shares information back and forth between electric, combination (natural gas and electric), and natural gas utilities. The DNG-ISAC promptly disseminates threat information and indicators from government and other sources and provides analysis, coordination, and summarization of related industry-affecting information. | https://dngisac.cyware.com/ctixapi/ctix21/taxii2/ | 2.1 | |
MTS-ISAC | The Maritime Transportation System Information Sharing and Analysis Center (MTS-ISAC) association is a nonprofit that was formed by maritime critical infrastructure stakeholders to address maritime cybersecurity challenges. The MTS-ISAC promotes and facilitates maritime cybersecurity information sharing, awareness, training, and collaboration efforts between private and public sector stakeholders, both within the maritime sector and across other critical infrastructure sectors. Its mission is to effectively reduce cyber risk across the entire MTS community through improved identification, protection, detection, response, and recovery efforts and act as the maritime sector's actionable cyber information-sharing center of excellence. | https://mts-isac.cyware.com/ctixapi/ctix21/taxii2/ | 2.1 | |
A-ISAC | The Aviation Information Sharing and Analysis Center (A-ISAC) association provides an aviation-focused information sharing and analysis function to help protect global aviation businesses, operations, and services. The A-ISAC analyzes and shares timely, relevant, and actionable cyber security information as it pertains to threats, vulnerabilities, and incidents. Also, the A-ISAC enables its members to share threats in real time, understand how to tactically combat threats and implement mitigation strategies, enhance collective sector knowledge, and implement best practices. | https://a-isac.cyware.com/ctixapi/ctix21/taxii2/ | 2.1 | |
LS-ISAO | The Legal Services Information Sharing and Analysis Organization (LS-ISAO) association is a member-driven community that shares actionable cyber threat and systems vulnerability information among law firms for their mutual defense. | https://lsisao.cyware.com/ctixapi/ctix21/taxii2/ | 2.1 | |
FS-ISAC | The Financial Services Information Sharing and Analysis Center (FS-ISAC) association is an industry consortium dedicated to reducing cyber risk in the global financial system. | https://taxii.fsisac.com/ctixapi/ctix21/taxii2/ | 2.1 | |
Non-ISAC Feeds | Texas State ISAO | The Texas Information Sharing and Analysis Organization (ISAO) serves as a forum for organizations across various sectors, including government agencies, private companies, and non-profit organizations, to share threat intelligence, cybersecurity best practices, and resources in the state of Texas, USA. By leveraging shared expertise and resources, the Texas ISAO helps its members to improve cyber resilience and protect critical infrastructure in the state of Texas. | https://cyops.cyware.com/ctixapi/ctix21/taxii2/ | 2.1 |
CERT-IN | The Indian Computer Emergency Response Team is an office within the Ministry of Electronics and Information Technology of the Government of India. It is the nodal agency to deal with cyber security threats like hacking and phishing. It strengthens the security-related defense of the Indian Internet domain. | https://ctix-certin.in/ctixapi/ctix21/taxii2/ | 2.1 | |
Z-CERT | Z-CERT is the Computer Emergency Response Team (CERT) developed specifically for institutions in the Dutch healthcare sector. Z-CERT offers specialized services to healthcare institutions, including optimal cyber security protection. | https://z-cert.cyware.com/ctixapi/ctix21/taxii2/ | 2.1 | |
IDRBT | IDRBT was set up with a vision to "To be the premier and preferred Research and Development Institution on Financial Sector Technology and its Management, working at the intersection of Banking and Technology for the Indian Banking." IDRBT also formed the Chief Information Security Officers (CISO) Forum in the year 2010 with a view to provide a platform for CISOs of all banks to discuss common security concerns in the Indian Banking and Financial Sector and collaboratively provide solutions. The mission of the CISO Forum is to:
Over time, the CISO Forum has emerged as the preferred platform to collaboratively discuss and provide solutions for Information Security concerns in the Indian Banking and Financial Sector, which contributes to enhanced Information Security in Banks. | https://ibcart-ctix.idrbt.ac.in/ctixapi/ctix21/taxii2/ | 2.1 | |
Canadian Cyber Threat Exchange | The CCTX was created to build a secure Canada where all organizations, both private and public, collaborate to reduce cyber security risks. Through the CCTX Data Exchange, they gather, enrich, analyze, and share cyber threat information across business sectors and from other Canadian and international cyber threat-sharing hubs. And they provide actionable cyber threat intelligence with a Canadian focus. | https://cctx.cyware.com/ctixapi/ctix21/taxii2/ | 2.1 |